Information Security vs. Cybersecurity, Part 2

by Brent Kirkpatrick

(Date Published: 2/9/2018.)

Cybersecurity is not information security.

Are your security efforts centered around limiting access to computers or around the risk of information being shared? The goal of cybersecurity is to permit only certain users to access a computer. This is a counter-point to information security which is the control of information.

Hacking is defined as unauthorized access to computer systems. You can remain unhacked while completely losing information security. For example, you make sales of a music recording that later becomes pirated. As another example, you might send an email to a business associate, and later you find that the email went viral due to (legitimate) forwarding.

The EU has recently passed legislation requiring the use of Data Protection Officers to over-see information security. They catalog sensitive data, evaluate the associated risks of exposure, and manage data breaches.